Partner Support



Select your language:

Configuring silent authentication for unique web browsers

This article will help you with configuring automatic authentication for users who log into a computer with an AD username and password to launch the Centrify Identity ServiceĀ portal. Also, since the username and password are coming from Active Directory, you can configure Single-Sign On (silent authentication) when accessing User Portal at

For Firefox:

The default host name used by the Centrify Identity Service Cloud service uses the format of http:// hostname, where hostname is the host name of the Cloud Connector. To configure Firefox for silent authentication, add the cloud connector URL to the list of trusted sites.

To configure silent authentication in Firefox:

  1. Open Firefox and type "about:config" as the target URL.
  2. Type "neg" in the Filter field.
  3. Select and right click network.negotiate-auth.trusted-uris and select Modify.
  4. Enter a comma-separated list of URLs or domain names as string values, then click OK.

For example, if the cloud proxy server runs on a computer with a host name of acme, type 'acme', then click OK. Note for security reasons, be as restrictive as possible in specifying the list of trusted sites.

For Internet Explorer:

Use the following procedure to enable silent authentication on each computer.

To enable Integrated Windows Authentication for Internet Explorer:

  1. Open Internet Explorer > select Tools > Internet Options > Click the Advanced tab.
  2. Scroll down to the Security settings. Check the Enable Integrated Windows Authentication box.
  3. Restart Internet Explorer.

If some users log on to Web applications using a fully-qualified path in the URL, they may need to modify the settings for the local intranet security zone in their Internet Explorer Web browser to enable silent authentication.

To configure the local intranet security zone in Internet Explorer:

  1. Open Internet Explorer and select Tools > Internet Options > Click the Security tab.
  2. Click the Local intranet icon > Click Sites > Click Advanced.
  3. Type the URL for the website to make part of the local intranet, then click Add.
  4. Wildcards can be used in the site address, for example, *://* .
  5. After adding the URLs or URL patterns, click Close.
  6. Click OK to accept the local intranet configuration settings, then click OK to close the Internet Options dialog box.
  7. Once the Local Intranet Security Zone in Internet Explorer is configured, the user should be able to log on to Web or Java applications through Kerberos or NTLM without being prompted to enter a username and password.

For Chrome:

In most cases, silent authentication works for Google Chrome without additional configuration, as long as the cloud proxy server host name is available in the DNS.

We value your feedback, please help us to improve this article by voting below.

Was this article helpful ?